Package com.sun.identity.authentication.modules.hotp

Class HOTPAlgorithm

  • public class HOTPAlgorithm
extends Object
    This class contains static methods that are used to calculate the One-Time Password (OTP) using JCE to provide the HMAC-SHA-1.
    Version:
    1.0
    Author:
    Loren Hart

    • Method Detail

      • calcChecksum

        public static int calcChecksum​(long num,
                               int digits)
        Calculates the checksum using the credit card algorithm. This algorithm has the advantage that it detects any single mistyped digit and any single transposition of adjacent digits.
        Parameters:
        num - the number to calculate the checksum for
        digits - number of significant places in the number
        Returns:
        the checksum of num

      • hmac_sha1

        public static byte[] hmac_sha1​(byte[] keyBytes,
                               byte[] text)
                        throws NoSuchAlgorithmException,
                               InvalidKeyException
        This method uses the JCE to provide the HMAC-SHA-1 algorithm. HMAC computes a Hashed Message Authentication Code and in this case SHA1 is the hash algorithm used.
        Parameters:
        keyBytes - the bytes to use for the HMAC-SHA-1 key
        text - the message or text to be authenticated.
        Throws:
        NoSuchAlgorithmException - if no provider makes either HmacSHA1 or HMAC-SHA-1 digest algorithms available.
        InvalidKeyException - The secret provided was not a valid HMAC-SHA-1 key.

      • generateOTP

        public static String generateOTP​(byte[] secret,
                                 long movingFactor,
                                 int codeDigits,
                                 boolean addChecksum,
                                 int truncationOffset)
                          throws NoSuchAlgorithmException,
                                 InvalidKeyException
        This method generates an OTP value for the given set of parameters.
        Parameters:
        secret - the shared secret
        movingFactor - the counter, time, or other value that changes on a per use basis.
        codeDigits - the number of digits in the OTP, not including the checksum, if any.
        addChecksum - a flag that indicates if a checksum digit should be appended to the OTP.
        truncationOffset - the offset into the MAC result to begin truncation. If this value is out of the range of 0 ... 15, then dynamic truncation will be used. Dynamic truncation is when the last 4 bits of the last byte of the MAC are used to determine the start offset.
        Returns:
        A numeric String in base 10 that includes
        Throws:
        NoSuchAlgorithmException - if no provider makes either HmacSHA1 or HMAC-SHA-1 digest algorithms available.
        InvalidKeyException - The secret provided was not a valid HMAC-SHA-1 key.